Solved ldap reference bug for nextcloud and cleaned up

roles/docker-ldap/Administration.md

@@ -1,31 +0,0 @@
-# Administration
-
-## Show Configuration
-```bash
-docker exec -it openldap bash -c "ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b 'cn=config'"
-```
-
-```bash
-docker exec -it openldap bash -c "ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b 'cn=config' -s base '(objectClass=*)'"
-```
-
-```bash
-docker exec -it openldap bash -c "ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b 'cn=config' -s base '(objectClass=olcModuleList)'"
-```
-
-### Databases Overview
-```bash
-docker exec -it openldap ldapsearch -Y EXTERNAL -H ldapi:/// -b "cn=config" "(olcDatabase=*)"
-```
-
-## Show all Entries
-```bash 
-docker exec -it openldap bash -c "ldapsearch -LLL -o ldif-wrap=no -x -D \"\$LDAP_ADMIN_DN\" -w \"\$LDAP_ADMIN_PASSWORD\" -b \"\$LDAP_ROOT\"";
-```
-
-### Delete Groups and Subgroup
-To delete the group inclusive all subgroups use:
-```bash
-docker exec -it openldap bash -c "ldapsearch -LLL -o ldif-wrap=no -x -D \"\$LDAP_ADMIN_DN\" -w \"\$LDAP_ADMIN_PASSWORD\" -b \"ou=applications,ou=groups,\$LDAP_ROOT\" dn | sed -n 's/^dn: //p' | tac | while read -r dn; do echo \"Deleting \$dn\"; ldapdelete -x -D \"\$LDAP_ADMIN_DN\" -w \"\$LDAP_ADMIN_PASSWORD\" \"\$dn\"; done"
-
-```

roles/docker-ldap/README.md

@@ -9,9 +9,9 @@ Unleash the potential of centralized identity management with OpenLDAP. This pow
 Deploy OpenLDAP in a Docker environment with support for TLS-secured communication via an NGINX stream proxy. OpenLDAP offers advanced directory management capabilities, including flexible schema definitions, dynamic configuration overlays, and comprehensive query support with LDAP search utilities.
 
 For further setup instructions and advanced configuration details, please refer to the following resources available in this directory:
-- [Administration.md](./Administration.md)
-- [Installation.md](./Installation.md)
-- [Change_DN.md](./Change_DN.md)
+- [Administration.md](docs/Administration.md)
+- [Installation.md](docs/Installation.md)
+- [Change_DN.md](docs/Change_DN.md)
 
 ## Features
 

roles/docker-ldap/docs/Administration.md

@@ -0,0 +1,31 @@
+# Administration
+
+## Show Configuration
+```bash
+docker exec -it ldap bash -c "ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b 'cn=config'"
+```
+
+```bash
+docker exec -it ldap bash -c "ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b 'cn=config' -s base '(objectClass=*)'"
+```
+
+```bash
+docker exec -it ldap bash -c "ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b 'cn=config' -s base '(objectClass=olcModuleList)'"
+```
+
+### Databases Overview
+```bash
+docker exec -it ldap ldapsearch -Y EXTERNAL -H ldapi:/// -b "cn=config" "(olcDatabase=*)"
+```
+
+## Show all Entries
+```bash 
+docker exec -it ldap bash -c "ldapsearch -LLL -o ldif-wrap=no -x -D \"\$LDAP_ADMIN_DN\" -w \"\$LDAP_ADMIN_PASSWORD\" -b \"\$LDAP_ROOT\"";
+```
+
+### Delete Groups and Subgroup
+To delete the group inclusive all subgroups use:
+```bash
+docker exec -it ldap bash -c "ldapsearch -LLL -o ldif-wrap=no -x -D \"\$LDAP_ADMIN_DN\" -w \"\$LDAP_ADMIN_PASSWORD\" -b \"ou=applications,ou=groups,\$LDAP_ROOT\" dn | sed -n 's/^dn: //p' | tac | while read -r dn; do echo \"Deleting \$dn\"; ldapdelete -x -D \"\$LDAP_ADMIN_DN\" -w \"\$LDAP_ADMIN_PASSWORD\" \"\$dn\"; done"
+
+```

roles/docker-ldap/docs/Change_DN.md

@@ -11,7 +11,7 @@ This document provides a step-by-step guide on how to rename the Distinguished N
 Connect to the OpenLDAP container and export the current entry:
 
 ```sh
-docker exec -it openldap sh -c 'ldapsearch -x -D "$LDAP_ADMIN_DN" -w "$LDAP_ADMIN_PASSWORD" -b "$LDAP_ROOT"' > all_entries.ldif
+docker exec -it ldap sh -c 'ldapsearch -x -D "$LDAP_ADMIN_DN" -w "$LDAP_ADMIN_PASSWORD" -b "$LDAP_ROOT"' > all_entries.ldif
 ```
 
 If your ***LDAP_ADMIN_DN*** and ***LDAP_ROOT***  are not accured pass them via ``--env``.
@@ -58,7 +58,7 @@ We need an **LDIF file that deletes all objects** under `dc=flock,dc=town`.
 Instead of manually writing an LDIF file, you can use `ldapsearch` and `awk` to generate it dynamically:
 
 ```sh
-docker exec -it openldap sh -c 'ldapsearch -x -D "cn=administrator,dc=flock,dc=town" -w "$LDAP_ADMIN_PASSWORD" -b "dc=flock,dc=town" dn' | awk "/^dn:/ {print \$2}" | tac > delete_all_dns.txt
+docker exec -it ldap sh -c 'ldapsearch -x -D "cn=administrator,dc=flock,dc=town" -w "$LDAP_ADMIN_PASSWORD" -b "dc=flock,dc=town" dn' | awk "/^dn:/ {print \$2}" | tac > delete_all_dns.txt
 ```
 
 This creates an **ordered delete list**, starting with child objects before deleting `dc=flock,dc=town`.
@@ -69,7 +69,7 @@ This creates an **ordered delete list**, starting with child objects before dele
 Now apply the generated `delete_all.ldif` to delete all entries **recursively**:
 
 ```sh
-docker exec -i openldap sh -c '
+docker exec -i ldap sh -c '
 while read dn; do
   ldapdelete -x -D "cn=administrator,dc=flock,dc=town" -w "$LDAP_ADMIN_PASSWORD" "$dn"
 done' < delete_all_dns.txt
@@ -81,7 +81,7 @@ done' < delete_all_dns.txt
 After running the delete command, verify that `dc=flock,dc=town` is empty:
 
 ```sh
-docker exec -it openldap sh -c 'ldapsearch -x -D "cn=administrator,dc=flock,dc=town" -w "$LDAP_ADMIN_PASSWORD" -b "dc=flock,dc=town"'
+docker exec -it ldap sh -c 'ldapsearch -x -D "cn=administrator,dc=flock,dc=town" -w "$LDAP_ADMIN_PASSWORD" -b "dc=flock,dc=town"'
 ```
 - ✅ If **no results** are returned, the domain has been deleted successfully.
 - ❌ If results still exist, some entries were not removed.
@@ -89,14 +89,14 @@ docker exec -it openldap sh -c 'ldapsearch -x -D "cn=administrator,dc=flock,dc=t
 
 #### Create new_database.ldif
 
-docker exec -i openldap ldapadd -Y EXTERNAL -H ldapi:/// -f /dev/stdin < new_database.ldif
+docker exec -i ldap ldapadd -Y EXTERNAL -H ldapi:/// -f /dev/stdin < new_database.ldif
 
 ## 4. Add the New Entry
 
 Now, upload the modified `all_entries.ldif`:
 
 ```sh
-cat all_entries.ldif | docker exec -i openldap sh -c 'ldapadd -x -D "cn=admin,dc=cymais,dc=cloud" -w "$LDAP_ADMIN_PASSWORD"'
+cat all_entries.ldif | docker exec -i ldap sh -c 'ldapadd -x -D "cn=admin,dc=cymais,dc=cloud" -w "$LDAP_ADMIN_PASSWORD"'
 ```
 
 ---
@@ -117,7 +117,7 @@ olcRootDN: cn=administrator,dc=cymais,dc=cloud
 Save the change and apply it:
 
 ```sh
-docker exec -it openldap ldapmodify -Y EXTERNAL -H ldapi:/// -f config_update.ldif
+docker exec -it ldap ldapmodify -Y EXTERNAL -H ldapi:/// -f config_update.ldif
 ```
 
 ---
@@ -127,7 +127,7 @@ docker exec -it openldap ldapmodify -Y EXTERNAL -H ldapi:/// -f config_update.ld
 Restart the OpenLDAP container if necessary:
 
 ```sh
-docker restart openldap
+docker restart ldap
 ```
 
 Now, `cn=administrator,dc=cymais,dc=cloud` should be active as the new administrator account.

roles/docker-ldap/docs/Installation.md

@@ -31,5 +31,5 @@ EOF
 ### Verifiy that MemberOf is activated and loaded
 ```bash
 docker exec -it ldap sh -c 'ls -l /opt/bitnami/openldap/lib/openldap/memberof.*'
-docker exec -it openldap ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config '(&(objectClass=olcOverlayConfig)(olcOverlay=memberof))'
+docker exec -it ldap ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config '(&(objectClass=olcOverlayConfig)(olcOverlay=memberof))'
 ```

roles/docker-ldap/templates/docker-compose.yml.j2

@@ -8,7 +8,7 @@ services:
 {% include 'roles/docker-compose/templates/services/base.yml.j2' %}
 {% if applications[application_id].network.public | bool %}
     ports:
-      - 127.0.0.1:{{ports.localhost.ldap.openldap}}:{{ldap_docker_port}}  # Expose just on localhost so that nginx stream proxy can use it
+      - 127.0.0.1:{{ports.localhost.ldap.ldap}}:{{ldap_docker_port}}  # Expose just on localhost so that nginx stream proxy can use it
 {% endif %}
     volumes:
       - 'data:/bitnami/openldap'

roles/docker-ldap/templates/ldif/configuration/01_member_of_configuration.ldif.j2

@@ -28,7 +28,7 @@
 # as the overlay only assigns the "member" attribute when a new group is created.
 
 # @todo Solve the following error:
-#fatal: [echoserver]: FAILED! => {"changed": true, "cmd": "docker exec -i openldap ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/ldif/01_member_of_configuration.ldif\n", "delta": "0:00:00.059605", "end": "2025-02-25 12:01:18.218851", "msg": "non-zero return code", "rc": 247, "start": "2025-02-25 12:01:18.159246", "stderr": "SASL/EXTERNAL authentication started\nSASL username: gidNumber=0+uidNumber=1001,cn=peercred,cn=external,cn=auth\nSASL SSF: 0\nldapmodify: modify operation type is missing at line 2, entry \"cn=module,cn=config\"", "stderr_lines": ["SASL/EXTERNAL authentication started", "SASL username: gidNumber=0+uidNumber=1001,cn=peercred,cn=external,cn=auth", "SASL SSF: 0", "ldapmodify: modify operation type is missing at line 2, entry \"cn=module,cn=config\""], "stdout": "", "stdout_lines": []}
+#fatal: [echoserver]: FAILED! => {"changed": true, "cmd": "docker exec -i ldap ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/ldif/01_member_of_configuration.ldif\n", "delta": "0:00:00.059605", "end": "2025-02-25 12:01:18.218851", "msg": "non-zero return code", "rc": 247, "start": "2025-02-25 12:01:18.159246", "stderr": "SASL/EXTERNAL authentication started\nSASL username: gidNumber=0+uidNumber=1001,cn=peercred,cn=external,cn=auth\nSASL SSF: 0\nldapmodify: modify operation type is missing at line 2, entry \"cn=module,cn=config\"", "stderr_lines": ["SASL/EXTERNAL authentication started", "SASL username: gidNumber=0+uidNumber=1001,cn=peercred,cn=external,cn=auth", "SASL SSF: 0", "ldapmodify: modify operation type is missing at line 2, entry \"cn=module,cn=config\""], "stdout": "", "stdout_lines": []}
 
 
 dn: cn=module,cn=config

roles/docker-ldap/templates/nginx.stream.conf.j2

@@ -1,6 +1,6 @@
 server {
-    listen {{ports.public.ldaps.openldap}}ssl;
-    proxy_pass 127.0.0.1:{{ports.localhost.ldap.openldap}};
+    listen {{ports.public.ldaps.ldap}}ssl;
+    proxy_pass 127.0.0.1:{{ports.localhost.ldap.ldap}};
 
     # SSL Configuration for LDAPS
     {% include 'roles/letsencrypt/templates/ssl_credentials.j2' %}